FBI - Cybercriminals stole $262M by impersonating bank support teams

The FBI is warning of a significant surge in account takeover (ATO) fraud schemes, with cybercriminals impersonating financial institutions and stealing over $262 million since January 2025. The agency’s Internet Crime Complaint Center (IC3) has received over 5,100 complaints indicating a widespread impact across individuals, businesses, and organizations in all industry sectors.

The primary method involves gaining unauthorized access to online bank, payroll, or health savings accounts through social engineering tactics or fraudulent websites. Once criminals successfully compromise an account, they swiftly transfer funds to cryptocurrency wallets, making recovery extremely challenging. In many instances, they also change account passwords, locking legitimate owners out of their own accounts.

The FBI highlights that these cybercriminals often impersonate bank staff or customer support personnel via text messages, phone calls, or emails. These impersonators manipulate victims into divulging login credentials, including multi-factor authentication (MFA) or One-Time Passcode (OTP) codes.

The stolen credentials are then used to log in to the financial institution’s website and initiate a password reset, giving the attackers complete control of the account.

Victim reports reveal that some criminals falsely claim the victim’s information was used for fraudulent transactions or even firearm purchases. This is used to trick the victim into visiting a phishing website or providing sensitive information to a second criminal impersonating law enforcement. The phishing websites employed in these attacks are designed to closely resemble legitimate financial institutions or payroll websites.

Attackers also leverage search engine optimization (SEO) poisoning tactics to promote their fraudulent websites, pushing them to the top of search results through ads.

The FBI advises users to closely monitor their financial accounts, use unique and complex passwords, enable multi-factor authentication, and use bookmarks instead of search results to access banking websites. Victims should immediately contact their financial institution to request a recall and obtain a Hold Harmless Letter/indemnification documents, which may help reduce losses. The FBI also recommends filing detailed complaints at ic3.gov, including information about criminal financial accounts and impersonated companies. In September, the FBI also warned that cybercriminals are impersonating the Internet Crime Complaint Center (IC3) website in financial scams or to steal their targets’ personal information.

To read the complete article see: Link to the Article \n